| Topic | Details |
| Topic 1 | - SAFE Key Structure: This section of the exam measures skills of Network Security Designers and focuses on the SAFE framework's key structural elements. It includes understanding ¡®Places in the Network¡¯¡ªthe different network zones¡ªand defining ¡®Secure Domains¡¯ to organize security policy implementation effectively.
|
| Topic 2 | - Application and Data Security This section of the exam measures skills of Cloud Security Analysts and explores how to defend applications and data from cyber threats. It introduces the MITRE ATT&CK framework, explains cloud attack patterns, and discusses mitigation strategies. Additionally, it covers web application firewall functions, lateral movement prevention, microsegmentation, and creating policies for secure application connectivity in multicloud environments.
|
| Topic 3 | - Integrated Architecture Use Cases: This section of the exam measures the skills of Cloud Solution Architects and covers key capabilities within an integrated cloud security architecture. It focuses on ensuring common identity across platforms, setting multicloud policies, integrating secure access service edge (SASE), and implementing zero-trust network access models for more resilient cloud environments.
|
| Topic 4 | - Cloud Security Architecture: This section of the exam measures the skills of Cloud Security Architects and covers the fundamental components of the Cisco Security Reference Architecture. It introduces the role of threat intelligence in identifying and mitigating risks, the use of security operations tools for monitoring and response, and the mechanisms of user and device protection. It also includes strategies for securing cloud and on-premise networks, as well as safeguarding applications, workloads, and data across environments.
|
| Topic 5 | - Visibility and Assurance: This section of the exam measures skills of Security Operations Center (SOC) Analysts and focuses on monitoring, diagnostics, and compliance. It explains the Cisco XDR solution, discusses visibility automation, and describes tools for traffic analysis and log management. The section also involves diagnosing application access issues, validating telemetry for behavior analysis, and verifying user access with tools like firewall logs, Duo, and Cisco Secure Workload.
|
| Topic 6 | - Industry Security Frameworks: This section of the exam measures the skills of Cybersecurity Governance Professionals and introduces major industry frameworks such as NIST, CISA, and DISA. These frameworks guide best practices and compliance in designing secure systems and managing cloud environments responsibly.
|